PhpRiot
News Archive
PhpRiot Newsletter
Your Email Address:

More information

Enrise Blog: Debugging Your Web Application with TCPDump and Wireshark

Note: This article was originally published at PHPDeveloper on 21 April 1015.
PHPDeveloper

On the Enrise blog Tim de Pater has posted about a different sort of method for debugging your web applications - using a combination of Wireshark and tcpdump to monitor your application's input and output.

Everything is running great, until suddenly the monitoring is yelling, the load on several servers is rising, MySQL queries/second and the memcached commands/second going through the roof, Apache processes are higher than usual, and the website starts giving timeouts. Yes, that sucks. Of course you'll first check everything that comes up in your mind like logs, diskspace, swap, etc. But then you come to a point that you really have to dive into it to find the cause of this sudden problem. There are several ways of doing this. One way I learned the last time we were in this scenario is using tcpdump and Wireshark.

He gives you a brief "getting started" tutorial helping you get things set up - dumping the packets with tcpdump and sifting through the results with Wireshark. His examples are more specific to watching for memcache traffic, but it can easily be applied to more general kinds of requests. Screenshots are also included so you can be sure you're seeing the right kind of results.